Please turn on your JavaScript for this page to function normally.
PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)
An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks …
Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
Attackers are taking advantage of recently released vulnerability details and PoC exploit code to extract private keys and user passwords from vulnerable Pulse Connect Secure …
Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways
Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ …
Featured news
Resources
Don't miss
- OAuth marketplace apps keep access after publishers vanish
- The modern-day business can learn a lot about risk from this year’s mega events
- Spotless compliance evidence can still hide a broken control
- From critical to controlled: Cutting vulnerabilities in a live manufacturing environment
- Attackers already know the secrets are on your developers’ machines. Do you?